Hello
It seems to be a very common problem lately. However, I can’t find out any other possibility than coming here and request some help. It has been a week or two that I have been infected by URL such as anythicago & more.
Would you help me to go through ?
thank you very much in advance !!
FRST + Addition attached
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here .
[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[ ]In the main box please paste in the following script:
createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
I Still have some coming back when I reboot !
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Make sure that Addition option is checked.
[*]Press Scan button and wait.
[*]The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt .
Please include their content into your next reply.
You cannot have two antivirus products on the same PC. Either uninstall McAfee or Avast.
Hi jonasthing
After unintalling McAfee, did you also run the McAfee Consumer Product Removal (MCPR) tool to get rid of all leftovers ?
For instructions see http://service.mcafee.com/FAQDocument.aspx?lc=1033&id=TS101331 and scroll down to step 2.
Greetz, Red.
system
June 10, 2015, 6:01am
10
Thank you Rednose,
However, I still get Malwares attacking me this morning. Is there anithing else I can do ?
Can you make a picture of this warning?
system
June 10, 2015, 7:10am
12
So, this is a little preview of what my PC suffers now. Is it what you mean ?
URL : http://simplesitescan.net/4141/CutterSystem_142669222922984.dll
Infection : URL:Mal
Processus : C:\Windows\System32\svchost.exe
URL : http://simplesitescan.net/4141/PragmaEngine_142669353208041.dll
Infection : URL:Mal
Processus : C:\Windows\System32\svchost.exe
URL : http://opticguardzip.net/4141/SystemVisual_142669159145377.dll
Infection : URL:Mal
Processus : C:\Windows\System32\svchost.exe
URL : http://opticguardzip.net/4141/CutterSystem_142669222929184.dll
Infection : URL:Mal
Processus : C:\Windows\System32\svchost.exe
you can add also alwaysisobar and anythicago…
Thank you very much TwinHeadedEagle
EDIT : It appears mostly when I restart turn my PC from standby mode, but less when I reboot
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Fix with ZOEK
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[B] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/B]
Temporary disable your AntiVirus and AntiSpyware protection - instructions here .
[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[ ]In the main box please paste in the following script:
createsrpoint;
chrdefaults;
ffdefaults;
bitsadmin /reset /allusers;b
[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
system
June 10, 2015, 8:17pm
14
there it is !
it sounds better tonight, I will give a confirmation tomorrow !
Thank you very much anyway !
EDIT : THANK YOU